Date: Tue, 23 Jul 2013 17:25:14 +0100 (BST)
From: hakre <hanskrentel@...oo.de>
To: "crypt-dev@...ts.openwall.com" <crypt-dev@...ts.openwall.com>
Subject: NUL bytes in Unix crypt SALT string using SHA-256 and SHA-512
Hi list,
I've got a clarification question regarding the (up-to 16 characters used) SALT string for Unix crypt using SHA-256 and SHA-512.
Is it acceptable by the definition of the algorithm to provide 16 NUL bytes? In the meaning that those 16 chars are used as SALT?
Can you share reason why/why not? What is your mental model of this "simple string" for the SALT?
I'm just puzzled while creating some edge-case checks/tests in my own software development and would like to get some kind of feedback I can lean on a bit.
I assume yours here might be able to share.
So thanks for letting me know if
-- hakre